Enhancing Biometrics Security with Distributed Source Coding
Gonçalo Lourenço , Paulo Lobato Correia , Luís Ducla Soares
Instituto de Telecomunicações/IST, Av. Rovisco Pai 1, 1049-001 Lisboa, Portug
Instituto de Telecomunicações/ISCTE, Av. das Forças Armadas, 1649-026 Lisboa, P
Phone: +351-218418461, Fax: +351-218418472, e-m {lds,plc}@lx.it.pt
Abstract
1
— The use of biometrics (e.g., fingerprints, irises,
faces) for recognizing individuals is becoming increasingly
popular and many applications are already available.
Biometrics are intrinsically associated with individuals and
cannot be forgotten or shared with others. However, one of the
most relevant vulnerabilities of biometrics is that once a
biometric template is compromised, it cannot be reissued,
updated or destroyed. An attacker could then gain access to all
the accounts/services/applications using that same biometric
trait. This paper proposes a biometric verification system using
distributed source coding principles, with enhanced security
with respect to traditional biometric verification systems. The
generation of different templates from the same biometric data
is supported, as well as cancelable templates. Furthermore, it
will not be possible to recover the original biometric data from
the stored data, thus guaranteeing its privacy.
Keywords: Biometrics security, cryptographic hash function,
distributed source coding, error correcting codes
I. I NTRODUCTION
The use of biometrics (e.g., fingerprints, irises, faces) for
recognizing individuals is becoming increasingly po pular and
many applications are already available. Although t hese
applications can be fundamentally different, they c an still be
grouped into one of two categories: verification and
identification [1][2][3]. While verification systems
authenticate a person s identity by comparing the c aptured
biometric characteristic with that person s own bio metric
template previously stored in the system, identifica tion
systems recognize an individual by searching the en tire
template database for a match with the captured bio metric
characteristic. Here, only verification systems wil l be
considered since this corresponds to the case where the
proposed security enhancements are more relevant, a s will
shortly become clear.
In verification systems, such as access control sys tems, the
use of biometrics has several advantages over the u se of
passwords. The first one is the fact that biometric s are
intrinsically associated with individuals and canno t be
forgotten or shared with others. In addition to thi s, adequately
chosen biometrics have a much higher entropy than p oorly
chosen passwords and, therefore, are less susceptib le to brute
force attacks. Finally, systems that rely on biomet ric
verification require very little user expertise and , therefore,
can be easily and widely deployed.
The authors acknowledge the support of Fundação para a Ciência e
Tecnologia (FCT), under Instituto de Telecomunicaçõe s project P436 -
BIONSE.
Despite the numerous advantag
disadvantages also exist when c . For
instance, it was noted in [4] tha evant
vulnerabilities of biometrics is ric image
template is stolen, it is stolen be reissu
updated, or destroyed. Another th the
use of biometrics is that once a n, the sam
biometric will be used to access tems. Thi
means that, if it is compromised have acce
to all the accounts/services/a the
equivalent of using the same p le
systems, which can lead to som ms in
terms of security, as can be easi
In particular, embedded devices are
especially vulnerable to eavesdr ]. Thus,
protection mechanisms to provid r the
reference biometric template ne
Recently, novel cryptographic y
commitment and fuzzy vault wer
schemes integrate error correctin ting
data subject to some noise, as h uisition
biometric templates. Clancy et a zzy
vault scheme on a secure sma
fingerprint authentication is use er s priva
key. Yang, et al. [8] further addr velop an
automatic and adaptive recogniti t al. [9]
precisely formulated the requ g
biometric authentication system l
algorithm meeting those require y of
template-protected biometric au was
further demonstrated in [10].
Given the identified vulnerabili ification
systems, it is urgent that these ssed. Thi
paper proposes a biometric verifi ill
have enhanced security with res ystems,
exploring the combined usage o oding
and hash functions. The used bio iris, sin
it has been reported to provide sults fo
verification systems and it rema during a
person s lifetime.
The rest of this paper is organi II
presents the proposed architectu ric
verification system, while the i are
described in Section III. Finally, r, some
final remarks about the strengths oach are
presented in Section IV, as well
envisioned future developments.
II. P ROPOSED S YSTEM A RCHITECTURE
After having identified the adv tages of
using biometrics in verificatio be